cas sso 集成 java + php (discuz,bbs) 配置
cas 搭建准备工作:cas-server-3.4.4
cas-client-3.2.0
apache-tomcat-6.0.14
去掉https认证,改成http认证
1、进入WEB-INF\spring-configuration目录
打开warnCookieGenerator.xml文件
修改p:cookieSecure的值为false
2、打开ticketGrantingTicketCookieGenerator.xml文件
同样修改p:cookieSecure的值为false
3、打开WEB-INF\deployerConfigContext.xml文件
查找org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
把这代码块修改为如下:(添加 p:requireSecure="false" )
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient"p:requireSecure="false"/>
java 客户端配置
<!-- cas client start -->
<!-- 用于单点退出,该过滤器用于实现单点登出功能,可选配置-->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!-- 该过滤器用于实现单点登出功能,可选配置。 -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责用户的认证工作,必须启用它 -->
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://116.226.60.173:8888/cas/login</param-value>
<!--这里的server是服务端的IP-->
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://116.226.60.173:8888</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/front/member/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/memberCenter/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://116.226.60.173:8888/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://116.226.60.173:8888</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
该过滤器负责实现HttpServletRequest请求的包裹,
比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。
-->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- cas client end -->
php 端配置
require_once 'CAS.php';
define('CAS_SERVER_HOSTNAME', "192.168.18.8");
define('CAS_SERVER_PORT', 8888);
define('CAS_SERVER_APP_NAME', "cas");
phpCAS::setDebug();
phpCAS::client(CAS_VERSION_2_0, CAS_SERVER_HOSTNAME, CAS_SERVER_PORT, CAS_SERVER_APP_NAME);
phpCAS::setNoCasServerValidation();
phpCAS::handleLogoutRequests();
phpCAS::forceAuthentication();
$username = phpCAS::getUser(); //获取cas 服务端用户名
页:
[1]